This book is an essential guide for IT professionals, cybersecurity experts, and organizational leaders navigating the complex realm of cyber defense. It offers an in-depth analysis of the Critical Security Controls for Effective Cyber Defense, known as the CIS 18 Controls, which are vital actions for protecting organizations against prevalent cyber threats.

The core of the book is an exhaustive examination of each CIS 18 Control. Developed by the Center for Internet Security (CIS), these controls are the benchmark in cybersecurity, crafted to counteract the most common and impactful cyber threats. The book breaks down these controls into comprehensible segments, explaining their implementation, management, and effectiveness. This detailed approach is crucial in the context of the digital era's evolving cyber threats, heightened by the rise in remote work and cloud-based technologies. The book's relevance is magnified by its focus on contemporary challenges, offering strategies to strengthen cyber defenses in a fast-paced digital world.

What You Will Learn

• Implementation Strategies: Learn detailed strategies for implementing each of the CIS 18 Controls within your organization. The book provides step-by-step guidance and practical insights to help you integrate these controls effectively, ensuring that your cyber defenses are robust and resilient.
• Risk Mitigation Techniques: Discover how to identify and mitigate risks associated with failing to implement these controls. By understanding the potential consequences of neglecting each control, you can prioritize actions that protect your organization from the most significant threats.
• Actionable Recommendations: Access practical, actionable recommendations for managing and maintaining these controls. The book offers clear and concise advice on how to continuously improve your cybersecurity measures, adapting to evolving cyber threats and organizational needs to ensure long-term protection.
• Training and Simplification: Explore recommended training programs and simplified security control measures that can be tailored to fit the specific needs and challenges of your business environment. This section emphasizes the importance of ongoing education and streamlined processes to enhance your organization's overall cybersecurity readiness.
• Importance and Relevance: Understand the importance and relevance of each CIS 18 Control in the context of contemporary cybersecurity challenges. Learn why these controls are crucial for safeguarding your organization against the most prevalent cyber threats.
• Key Concepts and Terms: Familiarize yourself with the key concepts and terms associated with each CIS 18 Control. This foundational knowledge will help you communicate more effectively with stakeholders and ensure a common understanding of cybersecurity principles.

• Questions to Ask: Discover the critical questions you should ask when assessing your organization's implementation of each control. These questions will guide your evaluation and help identify areas for improvement.

  Who This Book Is For

  IT and cybersecurity professionals, business leaders and executives, small business owners and managers, students and academics in cybersecurity fields, government and on-profit sector professionals, and cybersecurity consultants and trainers

  Gain a comprehensive yet practical approach to understanding and implementing the CIS 18 Controls Uniquely designed to cater to both technical and non-technical readers Addresses the current cyber threat landscape and the latest best practices in cyber defense

  Autorentext

  Dr. Jason Edwards is a seasoned cyber author and professional with over 20 years of experience in the cybersecurity field, having held diverse roles from IT operations and project management to cybersecurity strategy and governance. His strategic approach has enabled him to guide organizations through complex cyber defense challenges, ensuring robust protection against evolving threats. As the author of several books and dozens of articles, Dr. Edwards shares deep knowledge and practical insights with IT professionals, cybersecurity experts, and organizational leaders. Active on LinkedIn, he connects with over 70,000 professionals through daily and weekly posts, and manages a 20,000-subscriber mailing list called the Cyber Spear. Passionate about education and community engagement, he offers monthly group sessions, one-on-one consultations, and is a frequent podcast guest discussing cybersecurity trends, strategies, and best practices. For more information, visit his website at jason-edwards.me.

  Inhalt

Chapter 1. Control 1: Inventory and Control of Enterprise (Hardware) Assets.- Chapter 2. Control 2: Inventory and Control of Software Assets.- Chapter 3. Control 3: Data Protection.- Chapter 4. Control 4: Secure Configuration of Enterprise Assets and software.- Chapter 5. Control 5: Account Management.- Chapter 6. Control 6: Access Control Management.- Chapter 7. Control 7: Continuous Vulnerability Management.- Chapter 8. Control 8: Audit Log Management.- Chapter 9. Control 9: Email and Web Browser Protections.- Chapter 10. Control 10: Malware Defenses.- Chapter 11. Control 11: Data Recovery.- Chapter 12. Control 12: Network Infrastructure Management.- Chapter 13. Control 13: Network Monitoring and Defense.- Chapter 14. Control 14: Security Awareness and Skills Training.- Chapter 15. Control 15: Service Provider Management.- Chapter 16. Control 16: Application Software Security.- Chapter 17. Control 17: Incident Response Management.- Chapter 18. Control 18: Penetration Testing.